Example #1
0
def sstep_disasm(vm):
    code_loc = vm.cpu.code_location()
    code_bytes = vm.mem.vread(code_loc, 15)
    print "(%dbit) pc = %#x | %s" % (vm.cpu.mode,code_loc,code_bytes.encode('hex'))

    print am.disassemble(code_bytes, address=code_loc)
    return True
Example #2
0
def test_asm_010(map):
  c = b'\xe8\x9b\xff\xff\xff'
  i = cpu.disassemble(c,address=0)
  map.clear()
  i.address = 0x08040005
  map[eip] = cst(i.address,32)
  i(map)
  assert str(i)=='call        *0x803ffa5'
  assert map(mem(esp))==i.address+5
  assert map(eip)==(i.address+5-101)
Example #3
0
def test_asm_033(map):
    c = b'\x54'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(esp) == 0x67452301 - 4
    assert map(mem(esp, 32)) == cst(0x67452301, 32)
Example #4
0
def test_asm_030(map):
    c = b'\x88\x02'
    i = cpu.disassemble(c, address=0)
    i(map)
Example #5
0
def test_asm_028(map):
    c = b'\xc0\xf0\x02'
    i = cpu.disassemble(c, address=0)
    i(map)
Example #6
0
def test_asm_027(map):
    c = b'\x83\xfa\x00'
    i = cpu.disassemble(c, address=0)
    map.clear()
    i(map)
    assert str(map(zf)) == '(edx==0x0)'
Example #7
0
def test_asm_025(map):
    c = b'\x0c\x00'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(al) == al | 0
    assert map(ah) == ah
Example #8
0
def test_asm_023(map):
    c = b'\x23\x6f\xe8'
    i = cpu.disassemble(c, address=0)
    map.clear()
    i(map)
    assert map(ebp) == ebp & mem(edi, 32, disp=-0x18)
Example #9
0
def test_asm_020(map):
    c = b'\x0f\xb6\x90\x3c\xb1\x05\x08'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(edx)[8:32] == 0
Example #10
0
def test_decoder_003():
    c = b'\xeb\x0c'
    i = cpu.disassemble(c)
    op1 = i.operands[0]
    assert op1.value == 0xc and op1.size == 32
Example #11
0
def test_asm_008(map):
    c = b'\xff\xd2'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(eip) == edx
    assert map(mem(esp)) == 0x4
Example #12
0
def test_asm_007(map):
    c = b'\x58'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(eax) == eax
    assert map(esp) == 0
Example #13
0
def test_asm_005(map):
    c = b'\xcc'
    i = cpu.disassemble(c, address=0)
    assert i.mnemonic == 'INT3'
    i(map)
Example #14
0
def test_asm_004(map):
    c = b'\xf4'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert i.mnemonic == 'HLT'
    assert map(eip) == top(32)
Example #15
0
def test_asm_002(map):
    c = b'\xc9'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert str(map) == '''\
Example #16
0
def disasm_wrapper(addr, data):
    return am.disassemble(data, address=addr)
Example #17
0
def test_asm_019(map):
    c = b'\x0f\xbe\xd0'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(edx)[0:8] == map(al)
    assert str(map(edx)[8:32]) == '(M8(eax+16)[7:8] ? -0x1 : 0x0)'
Example #18
0
def test_asm_012(map):
    c = b'\xe9\xe0\xff\xff\xff'
    i = cpu.disassemble(c, address=0)
    i.address = map(eip).v
    i(map)
    assert map(eip) == i.address + i.length - 32
Example #19
0
def test_asm_021(map):
    c = b'\x00\x00'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert str(map(mem(eax, 8))) == '(M8(M32(eax+16))+M8(eax+16))'
Example #20
0
def test_asm_013(map):
    c = b'\xff\x25\xe8\xb0\x05\x08'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(eip) == mem(cst(0x805b0e8))
Example #21
0
def test_asm_024(map):
    c = b'\x83\xe4\xf0'
    i = cpu.disassemble(c, address=0)
    map[esp] = cst(0xc0000004)
    i(map)
    assert map[esp] == 0xc0000000
Example #22
0
def test_asm_014(map):
    c = b'\xc2\x0c\x00'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(eip) == 0x804000a
    assert str(map(esp)) == '(esp+0xc)'
Example #23
0
def test_asm_026(map):
    c = b'\x33\x55\xe4'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(edx) == edx ^ map(mem(ebp, 32, disp=-0x1c))
Example #24
0
def test_asm_015(map):
    c = b'\xcd\x80'
    i = cpu.disassemble(c, address=0)
    i(map)
Example #25
0
def test_decoder_005():
    c = b'\xc4\x84\x3d\xd3\x10\xa3\x70'
    i = cpu.disassemble(c)
    op2 = i.operands[1]
    assert str(op2) == 'M48es((ebp+edi)+1889734867)'
Example #26
0
def test_asm_016(map):
    c = b'\x40'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(eax) == (eax + 1)
Example #27
0
def test_asm_029(map):
    c = b'\xc1\xf6\x20'
    i = cpu.disassemble(c, address=0)
    i(map)
Example #28
0
def test_asm_017(map):
    c = b'\x4e'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert map(esi) == (esi - 1)
Example #29
0
def test_asm_031(map):
    c = b'\x8d\x02\xc3'
    i = cpu.disassemble(c, address=0)
    i(map)
    assert str(map(eax)) == '(edx)'
Example #30
0
def test_asm_018(map):
    c = b'\x8b\x40\x10'
    i = cpu.disassemble(c, address=0)
    map.clear()
    i(map)
    assert str(map(eax)) == 'M32(eax+16)'
Example #31
0
def test_decoder_007():
    c = b'\x69\xe9\x3d\xc2\x00\x00'
    i = cpu.disassemble(c)
    op1, op2, op3 = i.operands
    assert str(op1) == 'ebp' and str(op2) == 'ecx' and str(op3) == '0xc23d'
Example #32
0
def test_decoder_004():
    c = b'\x8b\x14\x85\x00\xbd\x05\x08'
    i = cpu.disassemble(c)
    op2 = i.operands[1]
    assert str(op2) == 'M32((eax*0x4)+134593792)'